Originální popis anglicky:
chmod, fchmod - change permissions of a file
Návod, kniha: Linux Programmer's Manual
#include <sys/types.h>
#include <sys/stat.h>
int chmod(const char *path, mode_t mode);
int fchmod(int fildes, mode_t mode);
The mode of the file given by
path or referenced by
fildes is
changed.
Modes are specified by
or'ing the following:
- S_ISUID
- 04000 set user ID on execution
- S_ISGID
- 02000 set group ID on execution
- S_ISVTX
- 01000 sticky bit
- S_IRUSR (S_IREAD)
- 00400 read by owner
- S_IWUSR (S_IWRITE)
- 00200 write by owner
- S_IXUSR (S_IEXEC)
- 00100 execute/search by owner
- S_IRGRP
- 00040 read by group
- S_IWGRP
- 00020 write by group
- S_IXGRP
- 00010 execute/search by group
- S_IROTH
- 00004 read by others
- S_IWOTH
- 00002 write by others
- S_IXOTH
- 00001 execute/search by others
The effective UID of the calling process must match the owner of the file, or
the process must be privileged (Linux: it must have the
CAP_FOWNER
capability).
If the calling process is not privileged (Linux: does not have the
CAP_FSETID capability), and the group of the file does not match the
effective group ID of the process or one of its supplementary group IDs, the
S_ISGID bit will be turned off, but this will not cause an error to be
returned.
As a security measure, depending on the file system, the set user ID and set
group ID execution bits may be turned off if a file is written. (On Linux this
occurs if the writing process does not have the
CAP_FSETID capability.)
On some file systems, only the super-user can set the sticky bit, which may
have a special meaning. For the sticky bit, and for set user ID and set group
ID bits on directories, see
stat(2).
On NFS file systems, restricting the permissions will immediately influence
already open files, because the access control is done on the server, but open
files are maintained by the client. Widening the permissions may be delayed
for other clients if attribute caching is enabled on them.
On success, zero is returned. On error, -1 is returned, and
errno is set
appropriately.
Depending on the file system, other errors can be returned. The more general
errors for
chmod are listed below:
- EACCES
- Search permission is denied on a component of the path
prefix. (See also path_resolution(2).)
- EFAULT
- path points outside your accessible address
space.
- EIO
- An I/O error occurred.
- ELOOP
- Too many symbolic links were encountered in resolving
path.
- ENAMETOOLONG
- path is too long.
- ENOENT
- The file does not exist.
- ENOMEM
- Insufficient kernel memory was available.
- ENOTDIR
- A component of the path prefix is not a directory.
- EPERM
- The effective UID does not match the owner of the file, and
the process is not privileged (Linux: it does not have the
CAP_FOWNER capability).
- EROFS
- The named file resides on a read-only file system.
The general errors for
fchmod are listed below:
- EBADF
- The file descriptor fildes is not valid.
- EIO
- See above.
- EPERM
- See above.
- EROFS
- See above.
The
chmod call conforms to SVr4, SVID, POSIX, X/OPEN, 4.4BSD. SVr4
documents EINTR, ENOLINK and EMULTIHOP returns, but no ENOMEM. POSIX.1 does
not document EFAULT, ENOMEM, ELOOP or EIO error conditions, or the macros
S_IREAD,
S_IWRITE and
S_IEXEC.
The
fchmod call conforms to 4.4BSD and SVr4. SVr4 documents additional
EINTR and ENOLINK error conditions. POSIX requires the
fchmod function
if at least one of
_POSIX_MAPPED_FILES and
_POSIX_SHARED_MEMORY_OBJECTS is defined, and documents additional
ENOSYS and EINVAL error conditions, but does not document EIO.
chown(2),
execve(2),
open(2),
path_resolution(2),
stat(2)
